phfsut2ie
/
gym
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
gym/AuthorizationInterceptor.java

127 lines
5.6 KiB
Raw Permalink Blame History Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

// 包声明,定义当前类所在的包路径
package com.interceptor;
// 导入Java IO包中的IOException类用于处理输入输出异常
import java.io.IOException;
// 导入Java IO包中的PrintWriter类用于向客户端输出数据
import java.io.PrintWriter;
// 导入Java util包中的HashMap类用于存储键值对数据
import java.util.HashMap;
// 导入Java util包中的Map接口用于定义键值对集合
import java.util.Map;
// 导入FastJSON的JSONObject类用于处理JSON数据
import com.alibaba.fastjson.JSONObject;
// 导入Servlet包中的HttpServletRequest类用于处理HTTP请求
import javax.servlet.http.HttpServletRequest;
// 导入Servlet包中的HttpServletResponse类用于处理HTTP响应
import javax.servlet.http.HttpServletResponse;
// 导入Apache Commons Lang库中的StringUtils类用于字符串处理
import org.apache.commons.lang3.StringUtils;
// 导入Spring框架的Autowired注解用于自动装配依赖
import org.springframework.beans.factory.annotation.Autowired;
// 导入Spring框架的Component注解标识该类为Spring组件
import org.springframework.stereotype.Component;
// 导入Spring Web包中的HandlerMethod类用于处理方法级别的处理器
import org.springframework.web.method.HandlerMethod;
// 导入Spring Web MVC包中的HandlerInterceptor接口用于定义拦截器
import org.springframework.web.servlet.HandlerInterceptor;
// 导入自定义的IgnoreAuth注解用于标记不需要认证的方法
import com.annotation.IgnoreAuth;
// 导入自定义的EIException异常类用于处理业务异常
import com.entity.EIException;
// 导入自定义的TokenEntity实体类用于表示令牌信息
import com.entity.TokenEntity;
// 导入自定义的TokenService服务类用于处理令牌相关逻辑
import com.service.TokenService;
// 导入自定义的R工具类用于封装统一响应格式
import com.utils.R;
// 权限(Token)验证拦截器
@Component
public class AuthorizationInterceptor implements HandlerInterceptor {
// 登录Token的键名
public static final String LOGIN_TOKEN_KEY = "Token";
@Autowired
private TokenService tokenService; // 自动注入Token服务
@Override
//在请求处理之前进行拦截
// @param request HTTP请求对象
// @param response HTTP响应对象
//@param handler 处理器对象
// @return 如果返回true则继续处理请求如果返回false则中断请求处理
// @throws Exception 处理过程中可能抛出的异常
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 获取请求路径
String servletPath = request.getServletPath();
// 如果是字典表或文件上传或用户注册接口,直接放行
if("/dictionary/page".equals(request.getServletPath()) || "/file/upload".equals(request.getServletPath()) || "/yonghu/register".equals(request.getServletPath()) ){
return true;
}
// 支持跨域请求
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with,request-source,Token, Origin,imgType, Content-Type, cache-control,postman-token,Cookie, Accept,authorization");
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
IgnoreAuth annotation;
// 如果handler是方法处理器则尝试获取IgnoreAuth注解
if (handler instanceof HandlerMethod) {
annotation = ((HandlerMethod) handler).getMethodAnnotation(IgnoreAuth.class);
} else {
return true; // 如果不是方法处理器,直接放行
}
//从header中获取token
String token = request.getHeader(LOGIN_TOKEN_KEY);
/**
* 不需要验证权限的方法直接放过
*/
if(annotation!=null) {
return true; // 如果存在IgnoreAuth注解直接放行
}
TokenEntity tokenEntity = null;
// 如果token不为空验证token
if(StringUtils.isNotBlank(token)) {
tokenEntity = tokenService.getTokenEntity(token);
}
// 如果token有效设置session属性并放行
if(tokenEntity != null) {
request.getSession().setAttribute("userId", tokenEntity.getUserid());
request.getSession().setAttribute("role", tokenEntity.getRole());
request.getSession().setAttribute("tableName", tokenEntity.getTablename());
request.getSession().setAttribute("username", tokenEntity.getUsername());
return true;
}
PrintWriter writer = null;
response.setCharacterEncoding("UTF-8"); // 设置响应字符编码为UTF-8
response.setContentType("application/json; charset=utf-8"); // 设置响应内容类型为JSON
try {
writer = response.getWriter(); // 获取响应输出流
writer.print(JSONObject.toJSONString(R.error(401, "请先登录"))); // 返回错误信息
} finally {
if(writer != null){
writer.close(); // 关闭响应输出流
}
}
// throw new EIException("请先登录", 401); // 抛出未登录异常,已注释掉
return false; // 返回false中断请求处理
}
}
Reference in new issue View Git Blame Copy Permalink